Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1214458 - incorrect directory permissions - pxe install
Summary: incorrect directory permissions - pxe install
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Spacewalk
Classification: Community
Component: Server
Version: 2.3
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Stephen Herr
QA Contact: Red Hat Satellite QA List
URL:
Whiteboard:
Depends On:
Blocks: 465198 sat560-triage space24
TreeView+ depends on / blocked
 
Reported: 2015-04-22 18:26 UTC by Stephen Herr
Modified: 2015-10-08 13:27 UTC (History)
8 users (show)

Fixed In Version: cobbler20-2.0.11-44
Doc Type: Bug Fix
Doc Text:
Clone Of: 1052857
Environment:
Last Closed: 2015-10-08 13:27:09 UTC


Attachments (Terms of Use)

Description Stephen Herr 2015-04-22 18:26:01 UTC
+++ This bug was initially created as a clone of Bug #1052857 +++

Description of problem:
Sometimes the newly created systems can not load their kernel per tftp with the message "permission denied"

Jan 13 14:31:36 orbit01 dhcpd: DHCPREQUEST for 10.184.68.151 (10.152.52.249) from 00:50:56:97:71:0c via 10.184.69.252
Jan 13 14:31:36 orbit01 dhcpd: DHCPACK on 10.184.68.151 to 00:50:56:97:71:0c via 10.184.69.252
Jan 13 14:31:36 orbit01 dhcpd: DHCPREQUEST for 10.184.68.151 (10.152.52.249) from 00:50:56:97:71:0c via 10.184.69.253
Jan 13 14:31:36 orbit01 dhcpd: DHCPACK on 10.184.68.151 to 00:50:56:97:71:0c via 10.184.69.253
Jan 13 14:31:36 orbit01 in.tftpd[12763]: RRQ from 10.184.68.151 filename pxelinux.0
Jan 13 14:31:36 orbit01 in.tftpd[12763]: tftp: client does not accept options
Jan 13 14:31:36 orbit01 in.tftpd[12764]: RRQ from 10.184.68.151 filename pxelinux.0
Jan 13 14:31:36 orbit01 in.tftpd[12765]: RRQ from 10.184.68.151 filename pxelinux.cfg/4217c312-d61f-ec64-6da2-ab6e8407b696
Jan 13 14:31:36 orbit01 in.tftpd[12765]: sending NAK (1, File not found) to 10.184.68.151
Jan 13 14:31:36 orbit01 in.tftpd[12766]: RRQ from 10.184.68.151 filename pxelinux.cfg/01-00-50-56-97-71-0c
Jan 13 14:31:36 orbit01 in.tftpd[12767]: RRQ from 10.184.68.151 filename /images/ks-rhel-x86_64-server-6-64/vmlinuz
Jan 13 14:31:36 orbit01 in.tftpd[12767]: sending NAK (0, Permission denied) to 10.184.68.151
Jan 13 14:31:36 orbit01 in.tftpd[12768]: RRQ from 10.184.68.151 filename /images/ks-rhel-x86_64-server-6-64/vmlinuz.cbt
Jan 13 14:31:36 orbit01 in.tftpd[12768]: sending NAK (0, Permission denied) to 10.184.68.151
Jan 13 14:31:36 orbit01 in.tftpd[12769]: RRQ from 10.184.68.151 filename /images/ks-rhel-x86_64-server-6-64/vmlinuz.0
Jan 13 14:31:36 orbit01 in.tftpd[12769]: sending NAK (0, Permission denied) to 10.184.68.151
...

no more installation will work until the cobbler is restarted manually. 



Version-Release number of selected component (if applicable):
cobbler-2.0.7-26.1.el6sat.noarch

How reproducible:


Steps to Reproduce:
see additional info

Actual results:
incorrect permissions on directory leading to permission denied to pxe boot machine

Expected results:
machine boots from pxe correctly

Additional info:

the permissions of directories with strange permissions: "d-w---x---"



Cedric Parent from RedHat was onsite and probably found the cause of this error:

>> Concerning the issue with cobbler we had yesterday, this is (I think)
>> where the problem come from:
>>
>>      def last_modified_time(self):
>>          """
>>          Returns the time of the last modification to cobbler, made by any
>>          API instance, regardless of the serializer type.
>>          """
>>          if not os.path.exists("/var/lib/cobbler/.mtime"):
>>              old = os.umask(0x777)
>>              fd = open("/var/lib/cobbler/.mtime","w")
>>              fd.write("0")
>>              fd.close()
>>              os.umask(old)
>>              return 0
>>          fd = open("/var/lib/cobbler/.mtime")
>>          data = fd.read().strip()
>>          return float(data)
>>
>> If another thread is running while between the to umask call, we are
>> screwed.
>> The fix is not to use umask to change permission on the file like this:
>>
>>    fd = os.open("/var/lib/cobbler/.mtime", os.O_CREAT|os.O_RDWR, 0200)
>>
>> This has to be done in two places.
>>
>> Full fix here:
>> https://github.com/jimi-c/cobbler/commit/ba1fc849135955ea8659f57218c44e6745a42ba5
>>
>> Discussion about this issue:
>> https://www.mail-archive.com/cobbler-devel@lists.fedorahosted.org/msg01859.html
>>

Comment 1 Stephen Herr 2015-04-22 18:49:07 UTC
Upstream cobbler issue:
https://github.com/cobbler/cobbler/issues/117

Spacewalk cobbler patched in master:
6b55c1f20f9b421ca9b256814c770cb6cc8285ca

Comment 2 Jan Dobes 2015-10-08 13:27:09 UTC
Spacewalk 2.4 has been released.


Note You need to log in before you can comment on or make changes to this bug.